1 matches found
Cuvva: Reflected XSS on Branch domain
Date: 22th May 2017 Browser: Firefox 50 Parameter: branchflowid Authenticated: No Details: Arbitrary javascript can be injected in the home search bar. The search parameter called sort is vulnerable. POC:...